\nMemfault is seeking an Android (AOSP) SDK Engineer. You’ll be working alongside other SDK (Linux, MCU) leads along with multiple cross-functional teams to drive the future of Android at Memfault.\n\n\nYou'll be working with a team of generalists and on a very large technology stack: we're not the typical web startup. We do everything from SDKs for microcontrollers, to large-scale data processing in the backend, to complex custom charting in the frontend.\n\n\nWe're a small but experienced team who has worked at startups, scale-ups, and includes former principal engineers at large tech companies. Our development process encourages and provides opportunities for you to contribute to as many areas of our technology stack as you’re interested in.\n\n\nNOTE: We are open to employees working outside of Berlin, Germany. We have periodic team gatherings and annual company off-sites around the world, both of which applicants would attend. \n\n\n\nYou will:\n* Collaborate with customer-facing and product teams and architect and implement Android SDK improvements that satisfy rigorous performance and size limitations.\n* Engage directly with engineers at innovative hardware companies as they integrate Memfault for the first time or add support for newly built features.\n* Build out and improve reference examples and SDK documentation.\n* Contribute to the growing suite of unit, automated, and emulator tests to ensure that improvements work reliably and regressions don’t slip into production.\n* Ship code early and often to customers. You’ll begin to constantly notice devices that are running your code out in the wild!\n* Work on an amazingly deep stack: firmware, operating systems, mobile, web.\n* Collaborate across teams to take ambiguous business problems and deliver solutions that work for our customers.\n* Start with simple, pragmatic solutions and iterate quickly. Our engineers strive to ship meaningful work every day.\n* Make meaningful contributions to our product, platform, culture, and business.\n\n\n\nYou are:\n* Collaborative, kind, low ego: other people do better when they work with you.\n* A software engineer with 3+ years of experience writing Java or Kotlin code that tightly integrates with Android Open Source Project (AOSP).\n* Well-versed in using adb, fastboot, and other low-level Android platform tools.\n* Passionate about software, unit, & integration testing.\n* A great communicator, both conversationally and in written form. You can demonstrate credibility to technical buyers and articulate value to business stakeholders.\n\n\n\nWhy you'll love being an engineer at Memfault:\n* We're proud to have an exceptional engineering culture — after all, we make developer tools and have 3 technical co-founders!\n* We work on interesting technical challenges: We’re set up as a team of generalists and have a very large technology stack, far more broad than the typical web startup. We do everything from SDKs for microcontrollers, to large-scale, real-time data processing in the backend, to complex custom charting in the frontend.\n* We are highly collaborative and ambitious: We have a small but very experienced team who has worked at startups, scale-ups, and includes former principal architects at large tech companies. You will have the chance to work directly with those people! Our development process encourages you to contribute to as many areas of our technology stack as you’re interested in.\n* We recognize growth is important for both our business and our engineers: We offer opportunities to explore different areas of our stack. Sometimes, our engineers try on different hats several times in a year! We make sure each team member is getting ample opportunity to challenge and stretch themselves, explore technologies that interest them, work across different parts of the business, and expand their skill sets.\n* We offer both fully-flexible remote work and opportunities to build in-person relationships: Fully remote, fully in-office and hybrid all a-OK. We are set up as a fully remote company, but we encourage people to come into the office to build relationships. We also have company-wide offsites once a year.\n\n\n\n\n\n$100,000 - $180,000 a year\n\nWe offer full benefits (health, vision, dental, 401k), unlimited PTO, and competitive pay and equity packages. Learn more about benefits and our company values - >\n\n\nWe want you (yes, you!) to apply\nAt Memfault, we believe in the power of diversity and the importance of fostering an inclusive environment where everyone feels valued and empowered. We hold the opinion that diversity is not just a goal, but a key driver of creativity, innovation, and growth. Our commitment to diversity and inclusion is embedded in our company culture and reflected in our policies and practices.\n\n\nWe are proud to be an Equal Opportunity Employer. We do not discriminate in employment opportunities or practices on the basis of race, color, religion, sex, national origin, age, disability, genetic information, veteran status, sexual orientation, gender identity or expression, marital status, or any other characteristic protected by law.\n\n\nResearch shows that candidates from underrepresented backgrounds often don't apply for roles if they don't meet all the criteria — unlike majority candidates meeting significantly fewer requirements. We strongly encourage you to apply if you're interested: we'd love to know how you can amplify our team with your unique experience!\n\n\nAbout Memfault\nMemfault is the first IoT reliability platform that empowers teams to build more robust devices at scale. Today hardware teams have little insight into how their products are performing and what issues are driving the majority of field failures; with Memfault, they can operate with the same speed and agility as software organizations. Companies like Lyft, Logitech, Bose, Whoop, and Verkada use Memfault's performance monitoring, device debugging, and OTA update capabilities to ship fast and build high-quality products. Memfault was founded by veterans of Pebble, Fitbit, and Oculus and is backed by Stripes, Uncork Capital, Partech, the 5G Innovation Lab, S28 Capital, and Y Combinator. Learn more about Careers at Memfault ->\n\n\nMemfault closed a $24M Series B funding round announced on January 24, 2023. Learn more ->\n\n \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Java, Android and Engineer jobs that are similar:\n\n $55,000 — $100,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nBoston MA / New York, NY / San Francisco CA / Berlin, Germany

\nAs a Principal Application Security Engineer at Vimeo, you will engage in a variety of activities, either offensive, defensive, or some combination thereof, ultimately aimed at safeguarding our users who entrust Vimeo with their content every day.\n\nYou’ll plan, carry out, and lead security initiatives to monitor and protect sensitive data and systems from infiltration and cyber-attacks.\n\nYou will likely collaborate frequently with and support developers, as well as members of the infrastructure security team, the compliance team, IT, Product, and other teams throughout the organization.\n\nYou love to solve puzzles, and are a great team player.\n\nThis role is remote. The role requires three hours of overlap with the US Eastern time zone (i.e., New York City) daily.\n\nWhat you’ll do:\n\nDepending on your preferences and the current needs of the team, you may either focus on just one or two of the following areas, or you may choose to become involved with many of them.\n\n\n* Security architecture — create a technical plan for partitioning and consolidating our cookies; draft up a sequence diagram for a new middleware to prevent IDOR attacks; implement a POC for leveraging CAPTCHA challenges in cross-origin embedded iframes; draft some code to modify the expiration behavior of our JWTs then pair with our API team to get feedback\n\n* Penetration testing — either hunt for security issues on our production or staged applications during an open-box internal pen test, or help coordinate an engagement with an external firm\n\n* Writing code for internal automated security tools — write some code, usually in Python, Bash, or Go, to support any of our team's various initiatives. Often we strive to facilitate a culture of “paved roads” for our developers, such that it is easy for any developer to incorporate security into their designs and implementations\n\n* Threat modeling — consider how malicious attackers may compromise our systems, and advise developers and product managers on what defenses are needed\n\n* Code reviews — discover weakness in our source code before it reaches production\n\n* Bug bounty program — help triage new incoming reports on a daily basis, plus launch creative initiatives to increase researcher engagement on our programs\n\n* Web Application Firewall and Rate Limiting — expand coverage and tune new rules while coordinating with developers, support team members, and the site reliability team\n\n* Remediation — enable and encourage developers to correctly fix recently discovered security issues in a timely manner, ultimately reducing our Mean Time To Remediate\n\n* Secure Software Development Lifecycle — configure automated tooling (eg. static and dynamic code analysis,, IAST) in our SDLC to detect security issues in our source code before it reaches production\n\n* Developer Education, Security Culture — create fun ways to spread technical security awareness throughout the engineering department\n\n* Incident response — lead or assist in running the various phases of an incident response, including initial detection, triage, containment, recovery, root cause analysis, retrospective, etc.\n\n* Collaboration with the infrastructure security team — pair with members of the infrastructure security team on various projects to secure our cloud instances and employee workstations\n\n* Collaboration with the compliance and privacy team — help ensure that our company complies with industry best practices and standards\n\n* Process improvements — help strengthen our own internal processes and procedures\n\n* A typical day will look like:\n\n\n\n* Engage with one or more product development teams and guide them through a threat model and data flow analysis.\n\n* Review the code for major new functionality to ensure security best practices are followed.  \n\n* Review new tickets in our bug bounty program (http://hackerone.com/vimeo) and use your system design and threat modeling knowledge to reproduce, define risk and mitigating controls and propose a fix., \n\n* A call or two with Development, Product Management teams to discuss security-related issues\n\n* Pen test a new feature in a staging environment with Burp Pro\n\n* Assist the compliance team on a privacy-related project\n\n* Provide technical advice in response to occasional questions from developers and other members of the security team\n\n\n\n\n\n\nSkills and knowledge you should possess:\n\n\n* Required: 5+ years of prior experience in either software development, devops, or site reliability engineering with hands-on coding experience.\n\n* Preferred: prior experience in Application Security\n\n* 7+ total years of relevant experience in Engineering, Application Security, or a similar technical field.\n\n* Strong knowledge of modern web, mobile, and network security\n\n* Strong programming skills with at least one of the following languages, and the ability to read all of them: Python, Go, PHP, Javascript, and Ruby\n\n* Expertise with application pen testing, using tools like Burp or Zap\n\n* Confident working in and across cloud environments like AWS and GCP. Detailed knowledge of at least one cloud environment.\n\n* Confident with shell scripting\n\n* Confident with common SDLC components, like git, Jira, Jenkins, etc\n\n* Confident ability to communicate technical security concepts to developers\n\n* At least an upper-intermediate level of English\n\n\n\n\nBonus points:\n\n\n* Link to a Github repo with security tools/scripts you’ve developed or help maintain\n\n* Full-stack web development experience creating RESTful applications (in any language) is a big plus\n\n* Open source vulnerability research or blog posts is a big plusS\n\n* Experience with system security hardening guidelines and SDLC principles\n\n\n \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Design, Cloud, API and Engineer jobs that are similar:\n\n $62,500 — $105,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nTel Aviv, Tel Aviv District, Israel

About the Role: \n\nAs a Senior Engineer on the Developer Productivity team, you will spearhead the effort to build systems and automation that are the development, build, and delivery backbone of the Motive platform across SaaS, Mobile, and Embedded/IoT products. With a focus on secure and highly scalable distributed services, you will leverage technology such as Kubernetes, ArgoCD, ProwCI, Tekton, Bazel, and whatever the future may hold to advance an automated and easy to use and maintain ecosystem to support Golang, Ruby on Rails, and Python services (as well as Kotlin and C for our Mobile and Embedded friends!). If creating direction for and implementing top-tier development tools, automation, infrastructure, and release pipelines, while providing guidance and mentorship to fellow engineers excites you, then Motive has the perfect role for you.\nWhat You’ll Do: \n\n\n* Help define the direction and initiatives for the team and platform.\n\n* Strategize and build fully automated bootstrapping and delivery pipelines. \n\n* Progress and evangelize self-service engineering technologies and approaches.\n\n* Advance the local development experience while maintaining consistency.\n\n* Build self-healing infrastructure that enables fast, robust automated testing.\n\n* Improve the performance and reliability of existing systems.\n\n* Host Brown Bag sessions, demos, and more to drive adoption and collaboration.\n\n* Coach and mentor team engineers and collaborate on designs.\n\n\n\nWhat We’re Looking For: \n\nWe are looking for someone with advanced knowledge and experience in creating and improving systems that will help the engineering org to function more efficiently. This individual will have prior experience in some or all of the following:\n\n\n* Building CI/CD infrastructure with multiple pipeline solutions over the years ( such as Tekton, Prow, CircleCI, Jenkins, Spinnaker, Github Actions, etc.)\n\n* Improving the SDLC release process.\n\n* Streamlining microservice creation mechanisms.\n\n* Streamlining developer's local environments (Ansible, local kubernetes, etc.)\n\n* Git flow and versioning strategy expertise.\n\n* Working with mechanisms that facilitate reproducible builds across the org.\n\n* Experience improving the developer experience with multiple stakeholders in a large organization.\n\n* Experience in Golang, Ruby on Rails, Python or similar languages.\n\n* Working knowledge of AWS services and technologies.\n\n* Experience with infrastructure as code and configuration management (Terraform, Ansible, Helm, etc.)\n\n* Experience with large scale distributed release management processes. Experience with Bazel is a plus.\n\n* Experience in a containerized world with orchestration frameworks such as Kubernetes.\n\n* 5+ years engineering experience\n\n\n\n\nBonus Skills to have\n\n\n* \n\n\n* Experience with Gerrit and Android OS (AOSP) build systems\n\n* Experience with embedded systems builds and compiles\n\n\n\n\n\n\n\n\n  \n\n#Salary and compensation\n No salary data published by company so we estimated salary based on similar jobs related to Python, DevOps, Ruby, Mobile, Senior, Android and Engineer jobs that are similar:\n\n $60,000 — $110,000/year\n
\n\n#Benefits\n 💰 401(k)\n\n🌎 Distributed team\n\n⏰ Async\n\n🤓 Vision insurance\n\n🦷 Dental insurance\n\n🚑 Medical insurance\n\n🏖 Unlimited vacation\n\n🏖 Paid time off\n\n📆 4 day workweek\n\n💰 401k matching\n\n🏔 Company retreats\n\n🏬 Coworking budget\n\n📚 Learning budget\n\n💪 Free gym membership\n\n🧘 Mental wellness budget\n\n🖥 Home office budget\n\n🥧 Pay in crypto\n\n🥸 Pseudonymous\n\n💰 Profit sharing\n\n💰 Equity compensation\n\n⬜️ No whiteboard interview\n\n👀 No monitoring system\n\n🚫 No politics at work\n\n🎅 We hire old (and young)\n\n
\n\n#Location\nNew York City, New York, United States